What are colored bitcoins?Here's a brief description by Meni Rosenfeld (quote from upcoming paper on this subject):

Quote

By the original design bitcoins are fungible, acting as a neutral medium of exchange. However, by carefully tracking the origin of a given bitcoin, it is possible to “color” a set of coins to distinguish it from the rest. These coins can then have special properties supported by either an issuing agent or a Schelling point, and have value independent of the face value of the underlying bitcoins. Such colored bitcoins can be used for alternative currencies, commodity certificates, smart property, and other financial instruments such as stocks and bonds.

Why do we need them?Again, Meni Rosenfeld:

Quote

Because colored bitcoins make use of the existing Bitcoin infrastructure and can be stored and transferred without the need for a third party, and even be exchanged for one another in an atomic transaction, they can open the way for the decentralized exchange of things that are not possible by traditional methods.

So, decentralized exchanges (as an alternative to things like GLBSE and MtGox), private currencies, stuff like that. Very interesting, in my opinion. We do not really need them, but it's cool.

(Well, technically there is a couple of problems: Bitcoin blockchain is hostile towards microtransactions and probably cannot scale to support them on a large scale. But it isn't a fundamental problem, I think.)

As you say, I don't think is a fundamental problem. Bitcoin is only hostile toward microtransactions because it makes little sense to do any transaction for an amount around what it costs to pay the transaction fee. However, it isn't necessary to include every transaction in a block at the same time, or to do microtransactions one at time.

It has been suggested that in the future, parties who have some level of trust may create a chain of dependent bitcoin transactions before finally submitting the entire chain to a miner with an appropriate fee (but at a discount from the fee-per-transaction model). There was another, related idea that would allow one party to securely pay another in small increments up to a predetermined amount. Unfortunately, I cannot remember where I saw that.

Interpretation from Sesame Street: a business could color .01000000 bitcoins then sell them each for 1 millionth of a share of their profits, all being tracked on the blockchain? Then .00000001 colored bitcoin could trade just like 1 share of stock. For example it could be worth 10 bitcoins?

Best Bitcoin supported browser game:Minethings: Dig, Trade, and Fight your way to influence!

Can the colored bitcoin concept be accomplished without having to traverse the blockchain to ensure the coins came from an issuing transaction? This is probably necessary anyway because of blockchain pruning. Perhaps allowing output scripts to compare/analyze serialized input scripts to ensure that an input is derived from an issuing script or transaction.

"With four parameters I can fit an elephant, and with five I can make him wiggle his trunk." John von Neumannbuy me beer: 1HG9cBBYME4HUVhfAqQvW9Vqwh3PLioHcU

Well, what this actually does is expanding the space of currency from one dimensional to n-dimensional.

But to use that consistently trade would have to be done upon an agreement of angle the corresponding vector... not something that non-nerds would be comfortable of doing I like the idea anyway, especially because you have just done it instead of bragging about it first.

First they ignore you, then they laugh at you, then they keep laughing, then they start choking on their laughter, and then they go and catch their breath. Then they start laughing even more.

Can the colored bitcoin concept be accomplished without having to traverse the blockchain to ensure the coins came from an issuing transaction? This is probably necessary anyway because of blockchain pruning.

I don't think this is necessary: people who are interested in having their coins colored will keep part of transaction history which would trace them to genesis transaction. Then they can show this history to prove that their coins are colored. Sale of colored coins would include sharing history with counterparty.

I understand the coloring part, but I don't get how this paves the way for distributed exchanges. What am I missing?

People having coins of different colors can exchange them securely via a simple bitcoin transaction which would be atomic.

E.g. one person gives 1 red coin and gets 5 blue coins, other person gives 5 blue coins and gets 1 red coins, they construct a transaction, sign it, and once it is in blockchain trade is done. (If one person signs but other doesn't transaction would be invalid. If there is a double-spend, it would also invalidate whole txn. So trade transactions are in fact more secure than accepting bitcoins.)

So what's left is order matching logic, i.e. allowing person which is willing to trade red coins for blue coins to find a person who wants the opposite.

I don't think this is necessary: people who are interested in having their coins colored will keep part of transaction history which would trace them to genesis transaction. Then they can show this history to prove that their coins are colored. Sale of colored coins would include sharing history with counterparty.

There are some disadvantages to maintaining a record of colored coins. New participants in a theoretical exchange will need to bootstrap from the issuer or other interested peers to verify colored coins, and then maintain an archive of derivative transactions. (You can imagine the problems at high transaction volumes.) If they only had to bootstrap from a single transaction hash, peers could begin verifying and trading "securities" immediately, and nobody would need to maintain a list of colored outputs -- the blockchain itself would serve that purpose.

There are some disadvantages to maintaining a record of colored coins. New participants in a theoretical exchange will need to bootstrap from the issuer or other interested peers to verify colored coins, and then maintain an archive of derivative transactions. (You can imagine the problems at high transaction volumes.) If they only had to bootstrap from a single transaction hash, peers could begin verifying and trading "securities" immediately, and nobody would need to maintain a list of colored outputs -- the blockchain itself would serve that purpose.

Sure, it's a trade-off: we either have a complex, but fast solution; or we have simple, but resource-hungry. We should take both development costs and performance costs into account.

It's also possible that colored bitcoin history will be hosted either on some for-profit service (i.e. for a small fee you get access to a whole archive) or in a DHT (since transactions are already secure it is sufficient to have key-value store to fetch history).

This is true... I can't think of any easy way to implement this (yet). But if someone finds out, that'd be interesting.

Well, the most straightforward way to do that is to add color tags to all colored inputs/outputs and to ask miners to verify those tags. (I.e. in addition to normal verification rules they will also check for conservation of colored coins, i.e. that coins do not appear out ouf nowhere.)

Of course, it's unlikely that we'll ever see that in Bitcoin, but it's fairly easy to implement it in an alt-chain.

I like this idea, but not the fact that it would require the global Bitcoin network to verify the colored flags. Would it not be better to just verify the coins on a firewall network and broadcast to the network from there? On the client side, colored wallets can keep the coins separated. If someone wants to spend their locally deflated coins outside their local network, they would need to go through an exchange or lose the value of the colored tag.

Any significantly advanced cryptocurrency is indistinguishable from Ponzi Tulips.

I like this idea, but not the fact that it would require the global Bitcoin network to verify the colored flags. Would it not be better to just verify the coins on a firewall network and broadcast to the network from there? On the client side, colored wallets can keep the coins separated. If someone wants to spend their locally deflated coins outside their local network, they would need to go through an exchange or lose the value of the colored tag.

Well, the solution right now is to trace history using full block chain on clients. It's easy to implement and it works fine right now.

Once performance will be a problem we can look for solutions. Apparently there are several options available and which one is the best would depend on environment. So it's a bit too early to discuss which solution is the best.

At least we know that options are available.

DHT can be a drop-in solution: it doesn't require switching to a different chain or using special transaction format or adding extra script complexity. People simply can switch to using DHT instead of using local full chain.

Well, what this actually does is expanding the space of currency from one dimensional to n-dimensional.

But to use that consistently trade would have to be done upon an agreement of angle the corresponding vector... not something that non-nerds would be comfortable of doing I like the idea anyway, especially because you have just done it instead of bragging about it first.

Exactly! Actually, my friend Ryland-Almanza and I where working on an altcoin based from solidcoin that would have colored coins, but we called them patterned coins, like plaid and checkered etc (ryland is colorblind).

pybond will also be a colored coin implementation, with a subset of colored coins being distributed bonds. Have a lot of networking boilerplate to write first; the basic design is simply following "rules for colored coins" and "atomic coin swapping" though.

P.S. My name for colored coins is "smartcoins." Sexier, more marketing friendly name ;p